diff --git a/packages/svelte/src/internal/client/dom/css.js b/packages/svelte/src/internal/client/dom/css.js
index 74bf2d49f9..75839c504f 100644
--- a/packages/svelte/src/internal/client/dom/css.js
+++ b/packages/svelte/src/internal/client/dom/css.js
@@ -23,6 +23,13 @@ export function append_styles(anchor, css) {
 style.id = css.hash;
 style.textContent = css.code;
+ // Propagate nonce to the style element for CSP compliance.
+ // Browsers allow reading `element.nonce` from JS but hide it from CSS selectors,
+ // so we can find a nonce from any existing script/style element on the page.
+ var doc = /** @type {Document} */ (/** @type {ShadowRoot} */ (root).host ? root.ownerDocument : root);
+ var nonce = /** @type {HTMLElement | null} */ (doc?.querySelector('[nonce]'))?.nonce;
+ if (nonce) style.nonce = nonce;
+
 target.appendChild(style);
 if (DEV) {
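Review bot: The lookup `doc?.querySelector('[nonce]')` is wider than the comment above it describes: it takes the first element in document order that carries a `nonce` attribute, whatever its tag, rather than an existing script or style element. A nonce found on some other element, or a script nonce on a page whose `style-src` uses a different value, would be copied onto the style, and the browser would then refuse it under CSP with nothing in this function noticing. Narrowing the call to `doc?.querySelector('style[nonce], script[nonce]')` matches the stated intent. I would also add a comment such as `// every stylesheet passed to append_styles inherits the page nonce; css.code must stay compiler-generated`, since this makes the function a place where the policy is extended automatically. `root` is defined outside the hunk and the function body continues past it, so the Document/ShadowRoot handling could not be checked in full.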